ietf-mta-filters
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

managesieve/anonymous

2006-06-05 10:24:27
from [Arnt Gulbrandsen] [Permanent Link] 

Hi,
I think the use of anonymous authentication in managesieve sounds like a hack. It's not authentication, it's reusing RFC 2245 for another purpose. 

I suggest dropping it and adding this instead:
Servers MAY allow the PUTSCRIPT command to unauthenticated clients. In this case, the server MUST carry out a syntax check of the uploaded script, report any errors and MUST NOT store the script. A server signals this functionality by offering the capability PUTSCRIPT.
(Is it conceivable that the correctness of a script might depend on the uploading user? Could extensions be available to a subset of the users?)
This permits anonymous to be used in a way more similar to other authentication mechanisms. For example, some sites might permit anonymous users (inside the firewall) read access to a pool of globally readable scripts. A bit far-fetched given that the include script seems dead. 

Arnt
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • managesieve/anonymous, Arnt Gulbrandsen <=
Previous by Date:  Re: Minor issue in draft-ietf-sieve-spamtestbis-02.txt, Alexey Melnikov
Next by Date:  Sieve WG meeting at Montreal IETF, Alexey Melnikov
Previous by Thread:  Re: Minor issue in draft-ietf-sieve-spamtestbis-02.txt, Mark E. Mallett
Next by Thread:  Sieve WG meeting at Montreal IETF, Alexey Melnikov
Indexes:  [Date] [Thread] [Top] [All Lists]